Vulnerabilities > CVE-2017-15874 - Integer Underflow (Wrap or Wraparound) vulnerability in Busybox 1.27.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Gentoo Local Security Checks |
| NASL id | GENTOO_GLSA-201803-12.NASL |
| description | The remote host is affected by the vulnerability described in GLSA-201803-12 (BusyBox: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or have other unspecified impacts. Workaround : There is no known workaround at this time. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 108627 |
| published | 2018-03-27 |
| reporter | This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/108627 |
| title | GLSA-201803-12 : BusyBox: Multiple vulnerabilities |